Methods, systems, and computer readable media for network security are described. In some implementations, security tasks and roles can be allocated between an endpoint device and a firewall device based on tag information sent from the endpoint and also based on resource availability and process reputation of a pro...

Methods, systems and computer readable media for protecting networks and devices from network security attack using physical communication layer characteristics are described.

Methods, systems and computer readable media for secure VLAN within a wireless network are described.

Methods, systems and computer readable media for rogue access point detection are described.

Methods, systems and computer readable media for location-based endpoint security are described.

Methods, systems and computer readable media for rogue access point detection are described.

Disclosed are various embodiments of method and system for network access control. The method may involve traffic monitoring and vulnerability detection using process information. The system may analyze the vulnerability as a process malfunctioning where preventive action focuses on process blocking as opposed to ho...

Methods, systems and computer readable media for rogue device detection are described. The method may include automatically generating one or more dummy network identifiers associated with a wireless network, advertising the one or more dummy network identifiers, and identifying a device as a suspect device based...

Methods, systems, and computer readable media for rogue device detection are described. A method may include identifying a device type of a device transmitting data over a network and obtaining one or more uniform resource locators (URLs) from the data, where the one or more URLs form a portion of a request transmit...

Systems and methods for assigning a persistent internet protocol (IP) address to a virtual private network (VPN) client. The method includes receiving, at a first server, a request for access from a first VPN client, the request including access credentials and the first server having a routing table; sending, from...

Systems and methods for monitoring network activity. The methods include receiving at an interface a first logging parameter for a first network device, wherein the first logging parameter specifies how the first network device is to record data associated with the first network device; communicating the first log...

An endpoint device uses hardware-based security to authenticate to an enterprise network. For example, an endpoint device such as network hardware or an end user device can request authentication in order to join an enterprise network that is managed by a computing platform such as a threat management facility. In o...

Systems and methods for monitoring network activity. The methods include causing a display of a user interface to a user, wherein the user interface configured to present to the user a classification of a signature, wherein the classification of the signature is made by a firewall, and receive an input from the use...

A method comprises monitoring a computing environment including a plurality of containers, determining, for one of the containers, a service type and an IP address, assigning the IP address of the container having the determined service type to a first list of IP addresses, assigning an IP address of each of the con...

A method for performing admission control in a containerized computing environment includes deploying, by one or more processors of a computer system, the containerized computing environment, receiving, by the containerized computing environment, constraints associated with admission control for containers, the cons...

Methods and systems for generating a plurality of threat signatures. In one embodiment, the method includes receiving at an interface a first plurality of threat signatures; adding, using one or more processors executing instructions stored on memory, at least one metadata attribute to each of the first plurality o...

Threat management devices and methods for a containerized firewall. The methods may include receiving instructions to configure a web application firewall being executed within a first container-based architecture, wherein the received instructions include changes to a previous network traffic policy; storing the re...

Systems and methods for operating a container-based architecture. The methods include executing, using one or more processors, instructions stored on memory to provide a Domain Name Service (DNS) proxy service, wherein the DNS proxy service is executed in a container-based architecture; and receiving at the DNS pro...

Systems and methods for scanning network activity. The methods include receiving at an interface connection data regarding a plurality of network connections, wherein the connection data includes a signature used to classify each of the plurality of network connections; determining, using one or more processors exe...

A method includes receiving, by a computer system, information related to device health of an electronic device, determining, by the computer system, a health status of the electronic device based at least in part on the received information related to the device health of the electronic device, requesting, by a swi...

Methods and systems for detecting threats using threat signatures loaded in a computing device. The methods include receiving a first plurality of threat signatures at a computing device, at least one threat signature of the first plurality of threat signatures having been assigned a score based on at least one met...

Methods, systems, and computer readable media for network security are described. In some implementations, security tasks and roles can be allocated between an endpoint device and a firewall device based on tag information sent from the endpoint and also based on resource availability and process reputation of a ...

A secure web gateway for a cloud computing environment comprises a data plane component, comprising: a front-end domain name service (DNS) configured to receive an inbound DNS request and map an IP address of the DNS request to a policy identification value corresponding to a customer policy and a plurality of plugi...

A variety of techniques are used to improve monitoring of activities within a cloud computing environment that hosts resources for an enterprise network. For example, by enabling a remote threat management facility to identify relationships among nodes in the cloud, identities in the cloud, and sequencies of activit...